[lug] Debian/Ubuntu keys
John Hernandez
jph at jph.net
Tue May 13 17:43:56 MDT 2008
I suspect it updated the host keys, which is good, but individual user
keys (if present in authorized_keys files) may still need to be regenerated.
It's also worth noting that this can affect non-Debian systems that
allow key-based SSH authentication, where the key material may have been
generated on a vulnerable machine.
If you administer a server with many ssh-enabled accounts, you should
consider using the dowkd utility to check for weak keys in
authorized_keys files.
http://security.debian.org/project/extra/dowkd/dowkd.pl.gz.asc
http://security.debian.org/project/extra/dowkd/dowkd.pl.gz
-John
Nathan Berry wrote:
> I have an Ubuntu system that I just updated. When the update ran it
> automagically regenerated some new keys.
>
>
> Nathan
>
>
>
> On Tue, May 13, 2008 at 1:27 PM, John Hernandez <jph at jph.net
> <mailto:jph at jph.net>> wrote:
>
>
> For those of you using Debian and Ubuntu systems, you should be
> aware of a recently announced vulnerability concerning openssl and
> weak keys generated on these systems.
>
> In particular, this could affects folks that use SSH key-based
> authentication.
>
> Here's the Debian Advisory
>
> http://www.debian.org/security/2008/dsa-1571
>
> -John
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us <http://lug.boulder.co.us>
> port=6667 channel=#colug
>
>
>
>
> --
> "Believe nothing, no matter where you read it - even if I have said it -
> unless it agrees with your own reason and your own common sense."
>
> -- Buddha
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
More information about the LUG
mailing list